Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

here is an easy one [RESOLVED]


  • This topic is locked This topic is locked

#1
r55741

r55741

    Member

  • Member
  • PipPip
  • 55 posts
computer just frezzes randomly at any time for no reason at all. no matter what i'm doing.

it seems to do it more often when i have limewire or bitlord running.

here is my hijak this thing.

Logfile of HijackThis v1.99.1
Scan saved at 11:28:46 PM, on 9/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\tools\printer\omnipage\opware32.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Internet Security spyware removal tools\a2\a2guard.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\MOZILL~2\THUNDE~1.EXE
C:\Program Files\Internet Security spyware removal tools\a2\a2start.exe
C:\Program Files\Internet Security spyware removal tools\a2\a2scan.exe
C:\Program Files\Internet Security spyware removal tools\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://aimhome.netsc...com/aimhome.adp
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\tools\New Folder\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\tools\printer\omnipage\opware32.exe
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [ALCFDRTM16] C:\windows\ALCFDRTM16.com
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\Internet Security spyware removal tools\a2\a2guard.exe"
O4 - Global Startup: Acelerador de inicio de AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\tools\office 2000 premium\Office10\OSA.EXE
O4 - Global Startup: MiniEYE-MiniREAD Launch.lnk = C:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\tools\OFFICE~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Messenger Backup\Messenger Backup (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Messenger Backup\Messenger Backup (file missing)
O16 - DPF: {102350D8-051B-48DA-A438-F9E4AAF14D12} (IVCReg Control) - http://38.114.16.240...bConnection.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17....es/MsnPUpld.cab
O16 - DPF: {610FB8B8-2427-4375-BCF9-2F7AE17173A6} (Snapfish File Upload ActiveX Control) - http://www.snapfish....pfishUpload.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1120605721656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1120605974390
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterf...ds/Uploader.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - http://autos.msn.com...ior/Outside.cab
O16 - DPF: {C852B12E-3F08-4099-AF8E-32FD327B88EA} (msnloader Class) - http://rockstar.mess...om/rockstar.cab
O16 - DPF: {CF392BE0-B84F-46E9-BDA9-845119819119} (IPAQSelfHelp Class) - http://ispe.sdc.hp.c...SPEIPAQTool.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{86240126-02C8-49F9-9C5B-C1154F3F98A1}: NameServer = 68.87.66.196,68.87.64.196
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

thanks

Edited by r55741, 11 September 2005 - 02:23 AM.

  • 0

Advertisements


#2
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,676 posts
Can you surf to
http://www.thespykil...x.php?topic=5.0
and follow the instructions there to upload:
C:\windows\ALCFDRTM16.com
I'd like to have a look at that one.

Regards,
  • 0

#3
r55741

r55741

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
I had no luck finding ALCFDRTM16.com
but i did find two similar ones ALCFDRTM.EXE and ALCFDRTM.VER they are located at:

http://www.thespykil...php?topic=684.0

i can see hidden folders but ALCFDRTM16.com was no where to be found. i tryed to use the search feature but it crashes windows explorer and brings up a dr watson error which makes me have to restart so it doesn;t work.

thanks.

Edited by r55741, 11 September 2005 - 06:41 PM.

  • 0

#4
dvk01

dvk01

    Malware Expert

  • Visiting Consultant
  • 201 posts
  • MVP
go back to spykiller and make a reply to the post & in the attach box paste this line then press send

C:\windows\ALCFDRTM16.com

that should attach it if it exists
  • 0

#5
r55741

r55741

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

go back to spykiller and make a reply to the post & in the attach box paste this line then press send

C:\windows\ALCFDRTM16.com

that should attach it if it exists

View Post



i can't sem to past anything on the attach box :tazz:
  • 0

#6
dvk01

dvk01

    Malware Expert

  • Visiting Consultant
  • 201 posts
  • MVP
copy the file name and then put your curser in the box on spykiller then press CTRL + V

the right click paste doesn't seem to work with some browsers

jsut put something in the post body first otherwise it wil lreject
  • 0

#7
r55741

r55741

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

copy the file name and then put your curser in the box on spykiller  then press CTRL + V

the right click paste doesn't seem to work with some browsers

jsut put something in the post body first otherwise it wil lreject

View Post



ok done :tazz:
  • 0

#8
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,676 posts
Well. If the file doesn't exist anyway, there is no objection to fix this entry:

O4 - HKLM\..\RunServices: [ALCFDRTM16] C:\windows\ALCFDRTM16.com

Thanks to dvk01's research (thanks!) we know that it might be related to your soundcard and a reinstall of the drivers might solve your problem.

Regards,
  • 0

#9
r55741

r55741

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
ok i'll test drive it for now. it hasn't crashed yet if it does i will reinstall sound drivers and report back if anything goes bad.

thanks a lot for your prompt help. :tazz:
  • 0

#10
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,676 posts
My pleasure. :tazz:
  • 0

#11
r55741

r55741

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
computer keeps crshin even after i reinstalled latests sound drivers. :)

it crashes right after i open bit lord or lime wire. but it crashes even if they are not running, usually wuile i'm surfing the web or playing a video on wmp :tazz:
  • 0

#12
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,676 posts
Can you check your event viewer logs immediately after such a crash to see if they reveal anything about their nature?

Regards,
  • 0

#13
r55741

r55741

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
yes but there is no event listed around the time of the crash.

sometimes it crashes soon after the tcip limit is reached. but sometimes that erroris not presen and it still crashes
  • 0

#14
r55741

r55741

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
problem solved it was caused by new update drivers for marvell yukon ethernet card.

details here:

http://www.geekstogo...=ST&f=5&t=64275
  • 0

#15
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,676 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP